I have 2 clusters ( one cluster with 2*4500C for production and 2*4500B for MCP). Currently both are operating as independent clusters i.e traditional proxy cluster (with one being director and the other being scanning node).
I want the configuration on both clusters to be in sync always i.e whenever a policy change is done on prod, changes should reflect to MCP cluster to avoid manual work. FYI, i dont have any central management server to manage these 2 independent clusters.
Planning to implement Transit group mode deployment, let me know if it is recommended or not.
attached the design for reference.
That should work just fine, for this scenario it would also be ok if all nodes talked to each other too. But if you want to control the communication, then creating a transit group will work just fine.
thanks Jon for the quick response. All nodes are on the same VLAN and bidirectional communication is in place. The 2 clusters have different cluster identifiers as both are residing on same subnet/VLAN. Hope this is not a show stopper. Also does all nodes should be running the same version to implement transit mode? Bcoz in my scenario, prod cluster boxes are running 18.104.22.168.0 and MCP cluster boxes are running 22.214.171.124.0.
Download the new ePolicy Orchestrator (ePO) Support Center Extension which simplifies ePO management and provides support resources directly in the console. Learn more about ePO Support Center